Modified Twitter Page for Midjourney (Deleted in March 2024)

Bitdefender

Safety organization Spyware has reported an alarming trend where scammers are targeting unsuspecting Twitter users, luring them into installing malicious software by leveraging the allure of artificial intelligence capabilities and services.

Over the past year, scammers have been masquerading Facebook Pages to resemble legitimate AI services, such as OpenAI’s Sora video creation tool and DALL-E image-generating application. These fraudulent entities place ads on Facebook’s network, enticing users with the promise of early access to cutting-edge AI products and research. Subsequently, they populate the Page with AI-generated content to create an illusion of authenticity. Followers are then instructed to download supposed experimental AI software, which in reality is malware like Rilide, Vidar, IceRAT, and Nova designed to pilfer their data.

The realm of AI is rapidly evolving, with a growing curiosity about upcoming advancements, despite the widespread use of tools like ChatGPT and DALL-E by millions. Unfortunately, cybercriminals identified by Bitdefender are preying on these individuals, with some instances of successful deception.

Notably, the most prominent Facebook Page identified by Bitdefender, Midjourney AI, amassed a staggering 1.2 million followers before being shut down by Facebook in March 2024. Following its removal, copycat Pages emerged, initiating a game of cat and mouse.

Bitdefender remarked, “Since commencing our investigation, we have identified four additional Facebook pages attempting to impersonate Midjourney, some of which have been promptly removed.” The perpetrators rebranded the original Page to mirror the latest malicious iteration allegedly impersonating Midjourney on March 18, subsequently assuming control. As of March 26, the fraudulent profile boasts 637,000 followers.

Several warning signs were evident in cases where users were prompted to download software. Bitdefender noted that users were directed to Google Drive or Dropbox links. Furthermore, a cursory examination of these Pages would swiftly reveal their lack of direct affiliation with the purported companies.

Vigilance and awareness are paramount in cybersecurity. Legitimate tech entities do not distribute experimental features via Facebook Pages, including Meta. Crucially, they never share third-party links for software downloads.

Looking ahead, Bitdefender foresees continued threats targeting Facebook users through similar ploys. The security firm advocates against downloading software from unverified sources, implementing multi-factor authentication to fortify account security, and maintaining a vigilant stance against potential threats.